/* set the ttl from the priv key on the rrset */
for (i = 0; i < ldns_rr_list_rr_count(rrset); i++) {
ldns_rr_set_ttl(
- ldns_rr_list_rr(rrset_clone, i),
- orig_ttl);
+ ldns_rr_list_rr(rrset_clone, i), orig_ttl);
}
/* fill in what we now of the signature */
-
-
- /* right now, we have: a key, a semi-sig and an rrset */
-
-
+ /* set the orig_ttl */
+ ldns_rr_set_origttl(current_sig, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, orig_ttl));
+ /* the signers name */
+ ldns_rr_set_signame(current_sig,
+ ldns_key_pubkey_owner(current_key));
+ /* label count - get it from the first rr in the rr_list */
+ ldns_rr_set_labels(current_sig,
+ ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, ldns_rr_label_count(
+ ldns_rr_list_rr(rrset_clone, 0))));
+ /* inception, expiration */
+ ldns_rr_set_inception(current_sig,
+ ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, ldns_key_inception(current_key)));
+ ldns_rr_set_expiration(current_sig,
+ ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, ldns_key_expiration(current_key)));
+ /* key-tag */
+ ldns_rr_set_keytag(current_sig,
+ ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, ldns_key_keytag(current_key)));
+
+ /* algorithm - check the key and substitute that */
+ ldns_rr_set_algorithm(current_sig,
+ ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, ldns_key_algorithm(current_key)));
+ /* type-covered */
+ ldns_rr_set_typecovered(current_sig,
+ ldns_native2rdf_int16(LDNS_RDF_TYPE_TYPE,
+ ldns_rr_get_type(ldns_rr_list_rr(rrset_clone, 0))));
+
+ /* right now, we have: a key, a semi-sig and an rrset. For
+ * which we can create the sig and base64 encode that and
+ * add that to the signature */
}
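Review bot: Every `ldns_rr_set_*` call added in this hunk drops its bool result, so a setter that fails leaves that RRSIG field unset and the code still goes on to create the signature over a partially filled record. Each call should be checked, for example `if (!ldns_rr_set_keytag(current_sig, tag_rdf)) { /* free tag_rdf, abort signing */ }`, with the rdf held in a local first so it can be released on failure instead of leaking. `ldns_rr_list_rr(rrset_clone, 0)` is also used for the label count and the type covered without confirming that the list is non-empty. The signer's name is set to the pointer returned by `ldns_key_pubkey_owner(current_key)` rather than a copy, which looks like it leaves the key and the signature RR sharing one rdf; it is worth confirming who frees it. The enclosing function starts outside this hunk.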
#define _LDNS_KEYS_H
#include <openssl/ssl.h>
-
#include <util.h>
+#include <ldns/dnssec.h>
+
extern ldns_lookup_table ldns_signing_algorithms[];
enum ldns_enum_signing_algorithm
{
- LDNS_SIGN_ALG_RSAMD5 = 1,
- LDNS_SIGN_ALG_RSASHA1 = 2,
- LDNS_SIGN_ALG_DSAMD5 = 3,
- LDNS_SIGN_ALG_DSASHA1 = 4,
- LDNS_SIGN_ALG_HMACMD5 = 5
+ LDNS_SIGN_ALG_RSAMD5 = LDNS_RSAMD5,
+ LDNS_SIGN_ALG_RSASHA1 = LDNS_RSASHA1,
+ LDNS_SIGN_ALG_DSAMD5 = LDNS_DSA,
+ LDNS_SIGN_ALG_DSASHA1 = 140, /* not official! */
+ LDNS_SIGN_ALG_HMACMD5 = 150 /* not official! */
};
typedef enum ldns_enum_signing_algorithm ldns_signing_algorithm;
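Review bot: `LDNS_SIGN_ALG_DSAMD5 = LDNS_DSA` gives the DSA/MD5 name the DNSSEC DSA number, which denotes DSA with SHA-1 if `LDNS_DSA` is algorithm 3 in `ldns/dnssec.h` (not shown here), while `LDNS_SIGN_ALG_DSASHA1` gets the unofficial value 140. The signing code elsewhere on this page writes `ldns_key_algorithm(current_key)` straight into the RRSIG algorithm field as an 8-bit value, so a key tagged DSASHA1 or HMACMD5 would apparently publish algorithm 140 or 150, which a validator cannot map to a real algorithm. I would map the SHA-1 name to the assigned number, `LDNS_SIGN_ALG_DSASHA1 = LDNS_DSA,`, and have the RRSIG path reject the values marked `/* not official! */` rather than emit them.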
uint32_t orig_ttl;
uint32_t inception;
uint32_t expiration;
+ uint16_t keytag;
} dnssec;
struct {
uint16_t fudge;
void ldns_key_set_inception(ldns_key *k, uint32_t i);
void ldns_key_set_expiration(ldns_key *k, uint32_t e);
void ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r);
-
+void ldns_key_set_keytag(ldns_key *k, uint16_t tag);
size_t ldns_key_list_key_count(ldns_key_list *key_list);
ldns_key * ldns_key_list_key(ldns_key_list *key, size_t nr);
uint32_t ldns_key_ttl(ldns_key *k);
uint32_t ldns_key_inception(ldns_key *k);
uint32_t ldns_key_expiration(ldns_key *k);
+uint16_t ldns_key_keytag(ldns_key *k);
void ldns_key_list_set_key_count(ldns_key_list *key, size_t count);
ldns_rdf * ldns_key_pubkey_owner(ldns_key *k);
bool ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key);
#include "util.h"
+#define _LDNS_RR_FUNCTION(TYPE, RR, POS) \
+ if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \
+ return false; \
+ } \
+ return ldns_rr_rdf((RR), (POS));
+
+#define _LDNS_RR_SET_FUNCTION(TYPE, RR, RDF, POS) \
+ ldns_rdf *pop; \
+ if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \
+ return false; \
+ } \
+ pop = ldns_rr_set_rdf((RR), (RDF), (POS)); \
+ if (pop) { \
+ FREE(pop); \
+ return true; \
+ } else { \
+ return false; \
+ }
/* handle A / AAAA records */
ldns_rdf *
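Review bot: `_LDNS_RR_SET_FUNCTION` returns `false` both when the RR is NULL or of the wrong type and when `ldns_rr_set_rdf` hands back NULL, and in neither case is `RDF` released, so callers that build the rdf inline (as the signing code on this page does) leak it and cannot tell which failure happened. If `ldns_rr_set_rdf` returns the previous value, a slot that was empty before would also be reported as a failure even though the new rdf was stored; that needs confirming against its definition, which is not shown. `FREE(pop)` presumably releases only the rdf struct, so the old field's data buffer may leak unless the rdf's own free routine is used. In `_LDNS_RR_FUNCTION` the early exit in a function returning `ldns_rdf *` reads more clearly as `return NULL;` than `return false;`, and a short comment above each macro saying that it expands to the whole function body, including its `return`s, would help the next reader.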
ldns_rdf *
ldns_rr_nsdname(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_NS);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_NS, r, 0);
}
/* MX records */
ldns_rdf *
ldns_rr_preference(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_MX);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_MX, r, 0);
}
ldns_rdf *
ldns_rr_exchange(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 1, LDNS_RR_TYPE_MX);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_MX, r, 1);
}
/* RRSIG record */
ldns_rdf *
ldns_rr_typecovered(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 0);
}
bool
ldns_rr_set_typecovered(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 0, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 0);
}
ldns_rdf *
ldns_rr_algorithm(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 1, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 1);
}
bool
ldns_rr_set_algorithm(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 1, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 1);
}
ldns_rdf *
ldns_rr_labels(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 2, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 2);
}
bool
ldns_rr_set_labels(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 2, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 2);
}
ldns_rdf *
ldns_rr_origttl(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 3, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 3);
}
bool
-ldns_rr_set_origtll(ldns_rr *r, ldns_rdf *f)
+ldns_rr_set_origttl(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 3, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 3);
}
ldns_rdf *
ldns_rr_expiration(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 4, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 4);
}
bool
ldns_rr_set_expiration(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 4, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 4);
}
ldns_rdf *
ldns_rr_inception(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 5, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 5);
}
bool
ldns_rr_set_inception(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 5, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 5);
}
ldns_rdf *
ldns_rr_keytag(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 6, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 6);
}
bool
ldns_rr_set_keytag(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 6, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 6);
}
ldns_rdf *
ldns_rr_signame(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 7, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 7);
}
bool
ldns_rr_set_signame(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 7, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 7);
}
ldns_rdf *
ldns_rr_sig(ldns_rr *r)
{
- _LDNS_RR_FUNCTION(r, 8, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 8);
}
bool
ldns_rr_set_sig(ldns_rr *r, ldns_rdf *f)
{
- _LDNS_RR_SET_FUNCTION(r, f, 8, LDNS_RR_TYPE_RRSIG);
+ _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 8);
}